Roadmap

An honest inventory of what works, what is coming, and what is explicitly out of scope. Capa is released at v1.10.0: the surface is stable under SemVer, the 3127-test suite is green on three operating systems, the discipline is implemented end-to-end, information-flow control (a two-point security lattice with declassification recorded in the SBOM) is enforced end-to-end, the module system is feature-complete, the package manager ships (capa.toml + capa install + capa.lock), the capability manifest, CycloneDX SBOM, SPDX SBOM, CycloneDX VEX, and SLSA L1 provenance are all emitted directly by the compiler, and the Wasm Component Model backend is fully functional for real programs. STABILITY.md describes the compatibility commitment that starts the moment 1.0.0 ships.

Where we are today

Capa is at v1.10.0. It compiles, type-checks, transpiles to Python, lowers to WebAssembly (core and Component Model), and runs. Every example in this site and in the examples directory is executable. The boundary between what is real and what is roadmap is sharp:

Working today

Language core

Lexer + parser + analyzer + transpiler (4 stages, ~5K lines of Python)
Types: Int, Float, Bool, String, Char, Unit, tuples, List, Map, Set, Option, Result, Fun(...) -> ...
Structs, sum types (variants), generics with inference
Pattern matching (statement + expression form)
Closures and higher-order functions
? operator and Result-based error handling
Built-in capabilities: Stdio, Fs, Net, Env, Clock, Random, Db, Proc, Unsafe
User-defined capabilities (capability X + impl X for Y)
Capability attenuation: restrict_to on every built-in capability (monotonic, fail-closed)
consume qualifier with fork/merge tracking
Range expressions (a..b exclusive, a..=b inclusive), Range<Int> as a type
Python interop via the Unsafe capability boundary
Module system: import foo.bar with transitive imports, cycle detection, name conflicts, qualified access (foo.fn(), import foo as F), search paths via CAPA_PATH, and pub visibility enforcement
Package manager: capa.toml + capa install + capa.lock, git and path deps, automatic ./vendor/ resolution when a manifest is present

Information-flow control (IFC)

Two-point security lattice (@public below @secret) on types, parameters, and fields
Automatic label propagation by join; env.get is a secret-by-default source
Secret-to-public sink enforcement on Stdio / Net / Fs / Db sinks: warn-then-enforce by default, hard errors under @strict_ifc()
declassify(value, reason: "...") as the single auditable bridge, recorded in the SBOM as declassification_sites (with reason and source position)
Implicit-flow control under @strict_ifc; anti-laundering through aggregates and mutable containers (intra-procedural, whole-aggregate granularity stated honestly)
Flagship example: capa_paymentguard

Tooling

CLI: tokenize, --parse, --check, --transpile, --run, --watch, --fmt, --fmt-check, --doc, --manifest, --cyclonedx, --spdx, --vex, --provenance, --wasm, --wasm --component, --prefer-wasm, init, lsp, repl
Project scaffolding via capa init
REPL (capa repl): every standard capability pre-bound, multi-line if/for/while/match, dot-commands (.exit, .quit, .help, .show, .reset, .types <expr>), stdout-diffing across turns. v2 landed in full: slice A (readline-style line editing + persistent ~/.capa_repl_history), slice B (in-process exec() replacing subprocess, ~100x faster turns on Windows), and slice C (persistent namespace + incremental execution, so bindings persist and side effects fire exactly once). Full re-analysis is retained on each turn deliberately: it costs microseconds and enforces the capability discipline.
Watch mode (capa --watch): re-runs on file or imported-module change
AST round-trip formatter with comment preservation (v3, default in --fmt), with a v1+v2 line-level fallback for syntactically broken sources. Design doc at docs/formatter-v3-comment-map-design.md.
Doc-comment HTML generator (capa --doc) with paragraphs, inline code, fenced code blocks, lists, and a trait section
VSCode extension on the Marketplace (syntax highlighting, snippets, bundled LSP client)
Language server (LSP): diagnostics, hover, go-to-definition, find-references, document symbols (outline), code actions (Quick Fix for "did you mean?"), rename, completion (keywords + built-ins + module + locals + type-aware methods after .), semantic tokens (type-aware highlighting), documentHighlight (cursor identifier highlighted in-document), foldingRange (gutter +/- for function / type / impl / control-flow bodies), formatting + rangeFormatting (Format Document / Format Selection backed by the v3 formatter). Runs via capa lsp: bundled into the standalone binary (works out of the box), or the optional [lsp] extra on a pip install. One-line config for Helix, Neovim, Zed; a published VSCode extension with a bundled LSP client.

Supply-chain artefacts

Audit artefacts: --manifest, --cyclonedx 1.5 SBOM, --spdx 2.3 SBOM, --vex per-function exploitability claims, --provenance SLSA L1 attestation, per-function ineligibility proofs (provably_excluded_capabilities)
Eight seed libraries in the signed registry (capa_cli, capa_csv, capa_datetime, capa_hash, capa_http, capa_log, capa_sbom, capa_test), each pinned to a verify_key in the index, with three-layer supply-chain hardening: lockfile SHA pin (catches tag retags) + GPG tag signatures with verify_key pinning (catches account compromise) + SLSA L2 build provenance via Sigstore Rekor (each release fires actions/attest-build-provenance@v1). Consumer side: capa install runs gh attestation verify when a dep declares a verify_key.
SBOM and capability audit tooling written in Capa: examples/sbom_diff.capa, examples/sbom_capability_audit.capa, examples/spdx_parser.capa (JSON + tag-value), examples/cyclonedx_parser.capa (incl. services / vulnerabilities + VEX analysis)

Wasm

Wasm Component Model backend: capa --wasm --run (core wasm host bridge) and capa --wasm --component --run (Component Model artifact through an external wasmtime.component runtime); capa --wasm --component --output app.wasm produces a standalone Component Model .wasm artifact with the WIT spec embedded. Fully functional for real programs: output is bit-identical with the Python pipeline. Full generics parity (generic structs, sum types, methods, and nested instantiations), trait dispatch (both monomorphic and dynamic multi-impl, with struct and sum impl targets), nested closures, Fun-typed callee inference, and List<Bool> higher-order functions all lower through. pip install -e .[wasm] pulls in wasmtime>=20; the new --prefer-wasm flag (or CAPA_PREFER_WASM=1) makes capa --run try the Wasm backend first with silent fallback to Python.
Sound cross-function attenuation on Wasm and the Component Model host: every privileged host import takes a capability handle and enforces the receiver's restriction before the syscall, via host-side capability handle tables. Passing a restrict_to("data") cap to a helper that then tries a denied path is correctly denied at the Wasm runtime, byte-identical to Python.
All capabilities run on Wasm with parity: Fs (read / write / exists / is_dir / mkdir / list_dir / allows), Env (get / args / allows), Clock (now_secs / now_monotonic / sleep / allows), Stdio (print / println / eprintln / read_line), Net (get / restrict_to / allows), Random (with_seed / int_range / float_unit, byte-identical seeded output across backends), Db, Proc.
Language coverage on Wasm: String.replace / char_at (Option<String>) / index_of (Option<Int>); Map.keys / values; tuples of any arity; range iteration (for i in 0..n); Option / Result higher-order functions (map, and_then, map_err, or_else, ok, err).
Generics and traits on Wasm: full generics parity (generic structs, sum types, methods on generic types, and nested generic instantiations) monomorphises through; trait dispatch works both monomorphically and as dynamic multi-impl dispatch over struct and sum impl targets; a trait-typed value flows through a let, function parameter / return, struct field, sum payload, and match binder, then dispatches by dynamic type; trait-typed values are usable inside Option / Result / Map value / List element / tuple component / struct field, and structural equality of trait values is dispatched by type-id wherever they nest. The one remaining limit is deliberate: a trait used as a Map key or a Set element is a precise compile-time error (a sum-typed dynamic value is unhashable on the Python backend, so the two backends cannot agree on a trait key uniformly) rather than a silent divergence.
Unsafe is loudly rejected at Wasm emit time (Python-only).

Quality / tests

Agda mechanisation of all four soundness theorems for the λ_cap calculus, lives in proofs/. Capability soundness, attenuation monotonicity, the structural / flow / linear layers each checked by the type-checker in addition to the prose proof in docs/semantics.md.
Property-based testing through Phase 4: 50k+ generated programs stress-tested across plain / attenuated / via_helper / consumed call shapes; the Phase 4 strategy lifts the invariant wasm_runtime_classes ⊆ manifest_classes all the way through the Wasm backend.
Compile-time benchmarks (benchmarks/compile_bench.py): lex / parse / analyse wallclock measured across three synthetic programs. Baseline on Windows 11 + CPython 3.14: small 10-fn ~3.5 ms, medium 100-fn ~55 ms, large 1000-fn ~450 ms.
3127 unit + end-to-end tests run, green on Ubuntu / macOS / Windows × Python 3.10 / 3.12 / 3.14
Soundness-hardening pass (1.2.0): six fixes published as a security advisory, four in the linear / typestate use-once discipline (use-after-consume, anonymous drop, var / re-assignment, partial consume in a match) and two in information-flow control (a declared-@secret field preserves its label on read and on destructure). Every change only rejects more; no previously-rejected program is now accepted.

Public-readiness milestones

The bridge from "working alpha" to "shareable" closed long ago. The repository is public, governance documents are in place, the site is live, and the project has tagged its way from v0.2.0-alpha through v0.8.4-beta to v1.0.0 (the first stable release, 2026-06-03), then on under SemVer to v1.1.0 (2026-06-14), v1.2.0 (2026-06-15), a security-hardening line through to v1.5.1 (2026-06-18), and a further line through to v1.10.0 (2026-06-22) covering full Python/Wasm parity for capability attenuation, per-dependency SLSA provenance verification, and the linearisation of the Wasm backend's String, JSON-serialisation, and JSON-parsing paths.

DONE
"Capa would have caught X" demo, event-stream
A safe Capa version of the flat_map function whose JavaScript counterpart shipped a Bitcoin-wallet exfiltrator in 2018. Attack-attempt code shown rejected by the analyzer with source-aligned errors. Lives in examples/demo_event_stream.capa + docs/demo-event-stream.md.
DONE
CVE case studies: six concrete + four design-pattern
Six concrete incidents transliterated into Capa with the analyzer's rejection trace inline: event-stream, eslint-scope, node-ipc, xz-utils, torchtriton, ua-parser-js. Plus four design-pattern studies for vulnerability classes that show up across libraries: PyYAML (arbitrary-class deserialisation), Jinja2 SSTI, lxml XXE, and pickle. Each case study ships as examples/cve_*.capa + docs/cve_*.md.
DONE
LLM tool-use sandbox demo
capa_agent_demo v0.1.0 (2026-05-23). A four-tool agent harness written in ~400 lines of Capa, talking to the real Anthropic Messages API. The LLM's blast radius is statically bounded by the agent loop's signature; the tool surface (ReadOnlyFs, GetOnlyHttp) is built from attenuated wrappers around the built-in capabilities so the model can read but not write, and reach a single host but not the rest of the internet. Ships with the full three-layer supply-chain stack (signed tag + SLSA L2 attestation in Sigstore Rekor). Writeup in docs/llm-tool-sandbox.md.
DONE
Agda mechanisation of the soundness theorems
All four soundness theorems for the λ_cap calculus mechanised under proofs/: capability soundness, attenuation monotonicity, the structural / flow / linear layers. Type-checked by Agda in addition to the prose proofs in docs/semantics.md.
DONE
VSCode extension
TextMate grammar covering all keyword categories, with built-in capabilities highlighted distinctly. String interpolation, numeric literals in all bases, operators including .., ..=, =>, ?. Now published on the Visual Studio Marketplace with a bundled LSP client that auto-connects to capa lsp, plus code snippets. The source still lives in vscode/ for symlink / junction installs.
DONE
Public-facing website
A static site (Home, Why Capa, Learn, Reference, Get started, Roadmap). No JS framework, no external fonts. Served directly from GitHub Pages.
DONE
Public repository + governance documents
Repository is public; CONTRIBUTING, CHANGELOG, issue templates, SECURITY.md, and STABILITY.md all in place.

The road ahead

Design promises still open

DONE
Generic attenuation
The Net.restrict_to pattern now extends across every built-in capability: Fs.restrict_to(path_prefix), Db.restrict_to(path_prefix), and Proc.restrict_to(basename) narrow by prefix; Env.restrict_to_keys([...]) narrows by allowed key set; Clock.restrict_to_after(t) narrows to "active only after time t". Each narrows monotonically (chaining only ever intersects, never widens), gates every action method fail-closed, and is type-checked with return-type narrowing in capa/builtins.py. v1.6.0 closed the last gap by routing the .allows() query through the authoritative host function on Wasm, so dynamic-argument attenuation is now byte-identical across the Python and Wasm backends.
DONE
Native module system
import x.y resolves to x/y.capa against the loader's search-path chain (importer-local, CAPA_PATH, ./vendor/ from capa.toml, path deps, ./libraries/, root-file dir). pub gates visibility; cyclic imports are detected and reported with both source positions. Multi-directory projects work (the audit-trail-reporter, sbom-watch, and policy-eval downstream demos all use the module system end-to-end).
DONE
Package manager
capa.toml declares dependencies (git URL + tag/rev pin or a local path); capa install resolves and fetches them into ./vendor/ and writes a capa.lock for reproducible builds. capa add <name> (and capa add --dev for test-only deps) declares a dependency from the command line, resolving short names through the signed registry index. Test-only dependencies live in a [dev-dependencies] table. See docs/packages.md. --frozen and transitive resolution remain for future iterations.
DONE
Selective import with renaming
import foo (a, b as c) brings only the listed pub symbols into scope, with an optional as rename, and hides the rest. This resolves a pub name collision between two dependencies that export the same symbol (for example capa_csv and capa_cli both shipping a parse). Strictly additive: whole-module import foo and import foo as bar are unchanged. Shipped in 1.2.0.
P3
Refinement types
Marked as future in the design notes, a way to express, in the type system, properties like "this string is non-empty" or "this list is sorted". Research-grade; not in scope for a 1.0.

EBNF declares but not implemented

DONE
Doc comments (///, /**) + capa --doc generator
Lexer emits DOC_COMMENT tokens with leading-space and Javadoc star-margin stripped; parser attaches them to the next declaration; --doc renders a self-contained HTML page with paragraphs, inline code, fenced code blocks (with language tags), bulleted lists, and a separate Traits section.
DONE
Raw strings (r"...")
No escape processing and no ${} interpolation: every character up to the next " is taken literally. Useful for Windows paths and regular-expression patterns. Landed in v0.6.0-alpha.
DONE
Named arguments (f(name: "Ana", age: 30))
Parser accepts an optional IDENT ":" prefix on each call argument; the analyzer reorders to parameter order before type checking and rejects positional-after-named, unknown names, duplicates, and arity mismatches. Built-in methods on String, Map, Set, and capabilities reject named arguments because their parameter names are not tracked. Landed in v0.6.0-alpha.

Tooling that moves the adoption needle

DONE (v1)
Language server (LSP)
Twelve features live: diagnostics (full pipeline on every buffer change), hover (signature or name: T in Markdown), go-to-definition, find-references, document symbols (hierarchical outline), code actions (Quick Fix for "did you mean?" hints), rename (workspace edit with new-name validation), completion, semantic tokens, documentHighlight (cursor identifier highlighted in-document), foldingRange (gutter +/- for function / type / impl / control-flow bodies), and formatting + rangeFormatting (Format Document / Format Selection backed by the v3 formatter). Completion has both a floor (keywords + built-in types / capabilities / variants / functions) and an analyzer-aware layer: module-level names with their signatures, function-scope locals at the cursor, plus type-aware method completion after . for built-in and user-defined types alike. Semantic tokens deliver type-aware highlighting beyond what a TextMate grammar can do: capabilities, parameters, let-bound vs var-bound variables, struct fields, and sum-type variants are all coloured distinctly, with a defaultLibrary modifier on built-ins so themes can render them at a different intensity. Mid-edit buffers are handled by a parse-with-placeholder retry so a trailing stdio. still surfaces the right methods. Coverage includes both reference and declaration sites: the parser records name_pos for every declared name, so hovering on foo in fun foo(...) works the same as hovering on a call to foo. Python implementation using pygls>=2.0, bundled into the standalone binary (so capa lsp works with no extra dependency) and available as the optional [lsp] extra on a pip install; ships with one-line config for Helix and Neovim, and a published VSCode extension with a bundled LSP client. Remaining v2 polish (deferred until a real-user session surfaces a specific need): signatureHelp, inlayHint, workspace/symbol, codeLens, selectionRange.
DONE (v1)
Formatter (capa --fmt / --fmt-check)
Canonical, non-configurable, idempotent. v3 is the default for capa --fmt: an AST round-trip pipeline (lex + parse + walk + emit). Comments survive via a CommentMap side-table keyed by id(node) with four slots (leading, trailing, trailing_header, interior). On any lex / parse / emit failure the pipeline falls back gracefully to the v1+v2 line-level pass, so mid-edit or syntactically-broken files still get safe textual cleanup. Idempotent and byte-exact on 71 corpus files (51 examples/ + 20 evaluation/sbom_diff/). Design doc at docs/formatter-v3-comment-map-design.md.
DONE
capa init project scaffolding
capa init [name] creates a runnable starter with main.capa (Stdio-using), README.md, .gitignore, and .capa-version. The starter passes --check and --fmt-check out of the box.
DONE
capa test runner
Discovers and runs tests/test_*.capa; a test passes on exit 0 and a panic fails it. --wasm runs on the Wasm backend, and --both runs both backends and diffs their stdout, the cheapest cross-backend parity check a library can run. Test-only dependencies live in [dev-dependencies]. Shipped in 1.1.0.
DONE
Signed package registry index
A signed registry index ships: index.json maps a short package name to its git source and pinned verify_key, so capa add <name> resolves a name through the index rather than requiring a hand-typed git URL. The index is the root of trust for that flow and is itself GPG-verified against a key fingerprint embedded in the toolchain, fail-closed on a missing or invalid signature. It currently carries 8 seed libraries. A full hosted registry with search and a web publish flow remains future; the signed index covers name resolution and supply-chain anchoring today.

Wasm Component Model backend

Capa lowers through a typed IR (CIR) into a hand-written WAT emitter and a Component Model packager. The backend exists so a Capa program can ship as a portable, capability-confined .wasm artifact runnable on any wasmtime-component host. Fully functional for real programs: programs run end-to-end via both capa --wasm --run and capa --wasm --component --run with output bit-identical to the Python reference pipeline.

DONE
Core Wasm backend
WAT emitter covers every analysable example: structs, sum types with payloads, pattern matching (including guards), closures, generics with full monomorphisation parity (generic structs, sums, methods, nested instantiations), trait dispatch (monomorphic and dynamic multi-impl over struct and sum impl targets, including trait-typed values nested in containers and structural equality of trait values), Fun-typed callee inference, nested closures, List<Bool> and other higher-order operations, Float formatting via a pure-WAT Grisu2 port that is bit-identical with Python's str(float). A trait used as a Map key or Set element is a deliberate loud compile-time error rather than a silent Python/Wasm divergence.
DONE
Component Model packaging
capa --wasm --component --output app.wasm produces a standalone Component Model artifact: WIT spec embedded, cabi_realloc exported, canonical-ABI lowering for list<string> / option<string> / result<string, io-error> and friends, export main: func(); entry point. The bundled capa/ir/_builtin_json.capa JSON parser keeps the JsonValue tree in the guest's own linear memory, so the artifact has no capa:host/json dependency.
DONE
Wasm as an optional install + --prefer-wasm
pip install -e .[wasm] pulls in wasmtime>=20. The --prefer-wasm flag (or CAPA_PREFER_WASM=1) makes capa --run try the Wasm backend first, with silent fallback to the Python pipeline when a program uses something the Wasm emitter does not yet handle.
DONE
Sound cross-function attenuation enforcement
Enforcement is sound on Wasm and on the Component Model host via host-side capability handle tables: every privileged host import takes a capability handle and enforces the receiver's restriction before the syscall. Fs.restrict_to, Net.restrict_to, and Env.restrict_to_keys all enforce at the Wasm boundary; the failure path materialises the canonical Err/None into the canonical-ABI return area and skips the host call. Cross-function chains are enforced at runtime, not left to the analyzer's static discipline: passing a restrict_to("data") cap to a helper that then tries a denied path is correctly denied at the Wasm runtime, byte-identical to Python.

SBOM and supply-chain work

Capa's positioning: a capability-typed language whose distinctive contribution is the integration between the type system and the supply-chain governance stack. The compiler natively emits the artefacts that other capability languages leave to external tools. The roadmap below strengthens exactly that axis.

DONE
SPDX 2.3 parsers written in Capa
examples/spdx_parser.capa reads SPDX 2.3 JSON; examples/spdx_tag_parser.capa handles the tag-value text serialisation. Both build typed Capa structs and run the validators (annotations, hasExtractedLicensingInfos, snippets, externalDocumentRefs, referential integrity). The writeup tying them together is at docs/sbom-parsers.md.
DONE
CycloneDX 1.5 parser written in Capa
examples/cyclonedx_parser.capa. Full-format coverage including services, vulnerabilities + VEX analysis, evidence per component, JSF signatures, externalReferences, compositions.
DONE
SBOM and capability audit pipeline
examples/sbom_capability_audit.capa. Reads a CycloneDX SBOM plus a JSON policy and flags any function whose declared capabilities exceed the policy's allowance. Policies now carry a structural rule list alongside the per-function map; a single (fn, cap) pair can raise both a per-function and a structural violation.
DONE
SBOM diff tool
examples/sbom_diff.capa. Compares two CycloneDX SBOMs and reports per-function widenings (alert), narrowings (improvement), additions, removals. The auditor-facing piece: between any two releases, one command tells you what changed in the authority surface.
DONE
CRA article-by-article mapping
docs/cra.md. Maps Capa's machinery onto Regulation (EU) 2024/2847 with each Annex I requirement classified as direct, indirect, partial, or out of scope.
DONE
SPDX 2.3 emission
capa --spdx file.capa. Companion to --cyclonedx; emits SPDX 2.3 JSON with per-function capability metadata via standard annotations[]. Linux Foundation ecosystem and OpenChain-conformant pipelines now have a first-class entry point.
DONE
VEX integration (CycloneDX VEX format)
Per-function exploitability claims via @vex(cve, status, justification, detail) attribute on functions. Each @vex emits one CycloneDX vulnerability entry whose affects[] ref points at the specific function's bom-ref. Available embedded in --cyclonedx and standalone via --vex. No other language emits VEX at function granularity; this is the genuinely novel piece of the Tier 1 plan.
DONE
SLSA Build L1 provenance attestation
capa --provenance file.capa. In-toto Statement v1 with SLSA Provenance v1.0 predicate; subject is the SHA-256 of the source .capa file. Consumable by any SLSA-aware verifier (slsa-verifier, in-toto attest, cosign verify-blob). Completes the SBOM ↔ VEX ↔ provenance triangle.
DONE
Consolidated regulatory mapping
docs/regulatory.md. Comparative table covering CRA, NIS2, DORA (cybersecurity articles only), NIST SSDF (SP 800-218), OWASP SCVS. Headline matrix: 8 Capa artefacts versus 5 frameworks, with four-level classification (direct / indirect / partial / out of scope). Keeps docs/cra.md as the CRA deep-dive; this is the multi-jurisdiction view. Tier 2 complete.
DONE
Three-layer supply-chain hardening (seed libraries)
The eight registry seed libraries ship with three stacked layers of attestation: lockfile SHA pin (catches tag retags), GPG tag signatures with a verify_key in each consumer's capa.toml (catches account compromise that moves a tag to an attacker commit), and SLSA L2 build provenance via Sigstore Rekor (actions/attest-build-provenance@v1 fires on every v* tag push). Consumer side: capa install runs gh attestation verify implicitly when a dep declares verify_key and is GitHub-hosted, refuses on mismatch, and graceful-skips on missing tarball / missing gh / non-GitHub host.
DONE
Empirical capability-recall study: head-to-head against Semgrep and CodeQL
A 25-pair Python / Capa corpus at evaluation/empirical_study/, scoring 48 per-function (function, capability) facts across four treatments: a dependency / PURL SBOM, Semgrep, CodeQL 2.25.6, and Capa by construction. Two distinct questions. On positive attribution (Q1) Capa ties the best dataflow tool exactly, 38/48 each against Semgrep's 36/48; on closed-world false-clearance (Q2, lower is better) Capa commits 0/48 against CodeQL's 10/48, Semgrep's 12/48, and the dependency SBOM's 48/48, because Capa distinguishes sound provably-excluded facts (proved in Agda) from not-determined. The depth half reads the real manifest of two enterprise programs (capa_paymentguard, capa_claimdesk): 88-94 % of functions provably pure, 625 and 2,295 provably-excluded facts no dependency SBOM expresses. Reproducible end to end via python evaluation/empirical_study/run_study.py against a versioned ground truth. Walkthrough on the study page; canonical source at evaluation/empirical_study/summary.md.
DONE
SBOM-parser writeup
Cross-cutting documentation of the two parsers (spdx_parser / spdx_tag_parser for SPDX 2.3, cyclonedx_parser for CycloneDX 1.5), the optional-field coverage matrices, and how the Capa versions thread the parsed structures back into the audit pipeline. Lives in docs/sbom-parsers.md.

Help shape the next milestone

Capa is a personal project; it is also an open one. Issues, design discussions, and pull requests are welcome. The fastest way to influence the roadmap is to show up with a real use case.

Open an issue Read the full TODO Install and try it